Crack Windows password with John the Ripper

John the Ripper is a password cracking tool that tries to detect weak passwords. It can run against a wide variety of passwords and hashes. The tool is also helpful for password recovery, in case you forget your password.

John the Ripper is popular for its dictionary attacks and is mainly used in brute-force attacks. An ethical hacking researcher of iicybersecurity said this method is useful because many old firms still use old versions of Windows, which is not good in terms of cybersecurity.

CRACKING THE WINDOWS:-

In Windows, passwords are typically stored in the SAM file in %SystemRoot%\system32\config. Windows uses the NTLM hash. At boot time the hashes from the SAM file are decrypted using SYSKEY and loaded into the registry, where they are then used for authentication.

Windows does not allow users to copy the SAM file to another location, so you have to boot another OS, mount the Windows partition from it, and copy the SAM file. Once the file is copied, we decrypt the SAM file with SYSKEY and get the hashes for breaking the password.

In the case below we use Kali Linux to mount the Windows partition.

To make the bootable disk you can use the freeware Rufus, which is available here: https://rufus.ie/en_IE.html

This freeware is very easy to use. You simply select the Kali Linux ISO image to make the bootable disk.

After creating the boot disk, boot from it and follow the steps below:

First, check the hard disk partitions to find where Windows is installed. To do that, type fdisk -l.

CHECKING THE HARD DISK PARTITIONS:-

In the screenshot above, the command has listed 3 partitions on the target hard disk. By looking at the size of each partition you can tell where the target OS (Windows) is installed.

In the screenshot above, after the command is executed, the wordlist is used to crack the password. As shown above, the current password for the target OS is 123456.

An attacker can also use their own wordlist for cracking the password. Kali Linux ships many wordlists that can be used in cracking. To use the Kali Linux wordlists, go to /usr/share/wordlists/
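The password recovered above (123456) fell to a stock wordlist, so the same lists are useful defensively as a deny-list when passwords are set or audited. The following is an added example, not part of the original article: it rejects a proposed password if it reduces to a wordlist entry after lower-casing, dropping trailing digits and symbols, and undoing common character substitutions. The names SAMPLE_WORDLIST, LEET, load_wordlist, candidate_forms and check_password are assumptions made for this sketch, and the sample entries are constructed.

```python
import re

# Constructed sample entries; in practice read a file such as one under
# /usr/share/wordlists/ (path from the article) and pass its lines in.
SAMPLE_WORDLIST = ["123456", "password", "qwerty", "letmein", "dragon"]

# Assumed, non-exhaustive map of common character substitutions to undo.
LEET = str.maketrans({"0": "o", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s"})


def load_wordlist(lines):
    """Return a set of lower-cased, non-empty wordlist entries."""
    return {line.strip().lower() for line in lines if line.strip()}


def candidate_forms(password):
    """Yield the password and the simplified forms worth looking up."""
    base = password.lower()
    # Drop trailing digits/symbols: "Dragon2024!" -> "dragon".
    stripped = re.sub(r"[\d\W_]+$", "", base)
    for form in (base, stripped):
        if form:
            yield form
            yield form.translate(LEET)


def check_password(password, words):
    """Return the wordlist entry the password reduces to, or None."""
    for form in candidate_forms(password):
        if form in words:
            return form
    return None


WORDS = load_wordlist(SAMPLE_WORDLIST)

if __name__ == "__main__":
    for pw in ("123456", "P@ssw0rd1", "Dragon2024!", "correct horse battery staple"):
        hit = check_password(pw, WORDS)
        print(f"{pw!r}: {'reject, matches ' + repr(hit) if hit else 'not in wordlist'}")
```

A password that passes this check is only absent from the supplied list; it says nothing about length or reuse.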

NOTE:- The above method works up to the Windows 7 operating system. It will not work on Windows 8/8.1/10.